|
|
@ -84,8 +84,7 @@ public class JWTAuthenticator implements WebappAuthenticator {
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
keyStoreManager.getDefaultPrimaryCertificate();
|
|
|
|
keyStoreManager.getDefaultPrimaryCertificate();
|
|
|
|
String authorizationHeader = request.getHeader(JWT_ASSERTION_HEADER);
|
|
|
|
String authorizationHeader = request.getHeader(JWT_ASSERTION_HEADER);
|
|
|
|
JWSVerifier verifier =
|
|
|
|
JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey());
|
|
|
|
new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey());
|
|
|
|
|
|
|
|
SignedJWT jwsObject = SignedJWT.parse(authorizationHeader);
|
|
|
|
SignedJWT jwsObject = SignedJWT.parse(authorizationHeader);
|
|
|
|
if (jwsObject.verify(verifier)) {
|
|
|
|
if (jwsObject.verify(verifier)) {
|
|
|
|
String username = jwsObject.getJWTClaimsSet().getStringClaim(SIGNED_JWT_AUTH_USERNAME);
|
|
|
|
String username = jwsObject.getJWTClaimsSet().getStringClaim(SIGNED_JWT_AUTH_USERNAME);
|
|
|
|